Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/xPt2NJw4lQ6-TmCJNXTQ7kzjpMM.roa
File: xPt2NJw4lQ6-TmCJNXTQ7kzjpMM.roa (raw, json)
Hash identifier: SCwoY5fjAunC7Ka3zckpzGHqj15Y1P3EoyEVaRXqfwU=
Subject key identifier: C4:FB:76:34:9C:38:95:0E:BE:4E:60:89:35:74:D0:EE:4C:E3:A4:C3
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019EA7212F9406BD5E4455D10E03683F4C9F
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/xPt2NJw4lQ6-TmCJNXTQ7kzjpMM.roa
Signing time: Mon 08 Jun 2026 12:07:10 +0000
ROA not before: Mon 08 Jun 2026 12:07:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 45.8.23.0/24 maxlen: 24
45.90.17.0/24 maxlen: 24
45.131.134.0/24 maxlen: 24
45.131.135.0/24 maxlen: 24
185.108.204.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.199.54.0/24 maxlen: 24
185.199.158.0/24 maxlen: 24
185.199.159.0/24 maxlen: 24
185.206.249.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.38.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.209.74.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.210.152.0/24 maxlen: 24
185.210.154.0/24 maxlen: 24
185.210.233.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.214.102.0/24 maxlen: 24
185.214.103.0/24 maxlen: 24
185.214.108.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.220.248.0/24 maxlen: 24
185.220.249.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.221.20.0/24 maxlen: 24
185.222.28.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.223.155.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.1.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
185.225.3.0/24 maxlen: 24
185.225.22.0/24 maxlen: 24
185.226.104.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.227.144.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.228.72.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
185.230.53.0/24 maxlen: 24
185.230.67.0/24 maxlen: 24
185.232.206.0/24 maxlen: 24
185.234.22.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
185.246.112.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.8.112.0/24 maxlen: 24
193.8.113.0/24 maxlen: 24
193.8.114.0/24 maxlen: 24
193.58.144.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
193.58.146.0/24 maxlen: 24
194.5.65.0/24 maxlen: 24
194.5.67.0/24 maxlen: 24
194.76.169.0/24 maxlen: 24
194.124.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Jun 2026 23:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a7:21:2f:94:06:bd:5e:44:55:d1:0e:03:68:3f:4c:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 8 12:07:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c4fb76349c38950ebe4e60893574d0ee4ce3a4c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:45:20:59:cf:6d:f2:bd:65:8e:f4:b7:cc:68:
50:66:7c:98:17:d5:8b:eb:6b:f6:57:ee:e6:29:8f:
0f:56:92:94:c8:d0:14:c1:87:15:07:1d:b0:36:ac:
b5:98:b1:5a:2f:8f:5c:12:62:2b:02:ff:06:ec:fa:
08:d3:34:61:01:03:00:fb:2e:db:04:b7:42:fa:15:
f8:7e:3e:8d:c6:29:1e:7c:51:97:a4:6c:ff:d4:8d:
7a:8e:c9:d8:74:62:d0:c2:d1:d8:ad:16:12:51:81:
2a:43:02:bf:2d:e2:b1:20:97:27:7b:a6:2a:78:98:
f8:7e:9a:1f:cf:99:92:7f:b8:48:f9:0e:70:b2:ce:
2d:d7:32:2e:da:c6:13:40:ad:4f:a5:07:b8:86:81:
2e:45:b9:35:7c:e6:e6:c4:fb:d4:b3:c3:5a:26:2e:
68:0b:9a:41:fc:aa:f0:ff:f0:bf:10:ec:0e:4c:a7:
ea:8a:0b:96:16:21:d2:b7:0b:a7:42:54:71:9a:9b:
10:ec:67:7d:8b:ee:d3:ac:1f:67:93:aa:d9:6c:f6:
bc:39:88:55:9f:a2:48:58:93:61:f6:de:86:8f:8a:
9d:5e:b5:0c:f7:4a:8b:ae:12:76:32:b0:f0:4e:f6:
59:e9:21:ba:ae:36:69:ef:1c:6a:d2:b0:65:ed:50:
ed:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:FB:76:34:9C:38:95:0E:BE:4E:60:89:35:74:D0:EE:4C:E3:A4:C3
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/xPt2NJw4lQ6-TmCJNXTQ7kzjpMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.23.0/24
45.90.17.0/24
45.131.134.0/23
185.108.204.0/24
185.126.82.0/24
185.199.54.0/24
185.199.158.0/23
185.206.249.0/24
185.206.251.0/24
185.209.38.0/24
185.209.73.0-185.209.75.255
185.210.152.0/24
185.210.154.0/24
185.210.233.0/24
185.210.235.0/24
185.214.102.0/23
185.214.108.0/24
185.218.20.0/24
185.218.101.0/24
185.220.248.0/22
185.221.20.0/24
185.222.28.0/23
185.223.80.0/24
185.223.155.0/24
185.225.0.0/22
185.225.22.0/24
185.226.104.0/24
185.226.107.0/24
185.227.144.0/24
185.227.146.0/23
185.228.72.0/24
185.228.75.0/24
185.230.53.0/24
185.230.67.0/24
185.232.206.0/24
185.234.22.0/24
185.240.120.0/23
185.246.112.0/24
193.8.112.0-193.8.114.255
193.58.144.0/24
193.58.146.0/23
194.5.65.0/24
194.5.67.0/24
194.76.169.0/24
194.124.69.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:82:5e:0d:1c:52:7c:f9:58:9c:6b:76:a3:0d:07:13:7e:00:
26:7b:a9:ab:76:0b:31:91:a9:9e:75:3c:2e:47:bc:30:c7:89:
bc:fa:92:9a:29:f0:3b:20:19:52:8b:28:4c:9e:11:af:1d:93:
e4:16:b4:31:38:fe:0b:81:d0:62:33:7c:06:cd:84:f3:ec:d4:
f7:31:c0:1f:1b:db:a7:bd:87:55:0c:7d:7c:38:e8:90:c7:a2:
ac:5a:6c:b7:5c:aa:67:a5:e2:31:18:0f:05:64:27:23:ec:5b:
8b:69:10:e0:78:4b:3f:95:3d:0f:a4:05:c7:1d:9f:bf:3b:4c:
1b:6e:d4:bb:b3:71:8d:9e:ad:a0:8f:2d:cd:8a:06:cb:71:e3:
be:84:58:90:98:c9:af:e5:51:d3:41:ed:78:e0:e7:6e:11:6a:
5d:ae:63:2b:06:27:91:2d:a1:9d:4f:77:8a:02:e7:bd:57:13:
81:78:33:bb:ed:52:ed:96:2a:ef:44:76:04:43:28:d9:68:db:
18:da:69:8b:de:c4:0a:c5:12:13:fb:9e:f3:bc:ab:23:1d:53:
03:5e:e8:07:d7:f0:92:6d:19:fd:77:cb:44:3c:61:aa:bc:95:
68:d1:f9:ee:4a:9d:91:4c:40:cb:41:70:d8:53:3d:16:32:4c:
ac:99:c5:5d
-----BEGIN CERTIFICATE-----
MIIGHzCCBQegAwIBAgISAZ6nIS+UBr1eRFXRDgNoP0yfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwNjA4MTIwNzEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGZiNzYzNDljMzg5NTBlYmU0ZTYwODkzNTc0ZDBlZTRjZTNhNGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUUgWc9t8r1ljvS3zGhQZnyYF9WL
62v2V+7mKY8PVpKUyNAUwYcVBx2wNqy1mLFaL49cEmIrAv8G7PoI0zRhAQMA+y7b
BLdC+hX4fj6NxikefFGXpGz/1I16jsnYdGLQwtHYrRYSUYEqQwK/LeKxIJcne6Yq
eJj4fpofz5mSf7hI+Q5wss4t1zIu2sYTQK1PpQe4hoEuRbk1fObmxPvUs8NaJi5o
C5pB/Krw//C/EOwOTKfqiguWFiHStwunQlRxmpsQ7Gd9i+7TrB9nk6rZbPa8OYhV
n6JIWJNh9t6Gj4qdXrUM90qLrhJ2MrDwTvZZ6SG6rjZp7xxq0rBl7VDtBwIDAQAB
o4IDKzCCAycwHQYDVR0OBBYEFMT7djScOJUOvk5giTV00O5M46TDMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEveFB0Mk5KdzRsUTYtVG1DSk5YVFE3a3pqcE1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPwYIKwYBBQUHAQcBAf8EggEuMIIBKjCCASYEAgABMIIB
HgMEAC0IFwMEAC1aEQMEAS2DhgMEALlszAMEALl+UgMEALnHNgMEAbnHngMEALnO
+QMEALnO+wMEALnRJjAMAwQAudFJAwQCudFIAwQAudKYAwQAudKaAwQAudLpAwQA
udLrAwQBudZmAwQAudZsAwQAudoUAwQAudplAwQCudz4AwQAud0UAwQBud4cAwQA
ud9QAwQAud+bAwQCueEAAwQAueEWAwQAueJoAwQAueJrAwQAueOQAwQBueOSAwQA
ueRIAwQAueRLAwQAueY1AwQAueZDAwQAuejOAwQAueoWAwQBufB4AwQAufZwMAwD
BATBCHADBADBCHIDBADBOpADBAHBOpIDBADCBUEDBADCBUMDBADCTKkDBADCfEUw
DQYJKoZIhvcNAQELBQADggEBALmCXg0cUnz5WJxrdqMNBxN+ACZ7qat2CzGRqZ51
PC5HvDDHibz6kpop8DsgGVKLKEyeEa8dk+QWtDE4/guB0GIzfAbNhPPs1PcxwB8b
26e9h1UMfXw46JDHoqxabLdcqmel4jEYDwVkJyPsW4tpEOB4Sz+VPQ+kBccdn787
TBtu1LuzcY2eraCPLc2KBstx476EWJCYya/lUdNB7Xjg524Ral2uYysGJ5EtoZ1P
d4oC571XE4F4M7vtUu2WKu9EdgRDKNlo2xjaaYvexArFEhP7nvO8qyMdUwNe6AfX
8JJtGf13y0Q8Yaq8lWjR+e5KnZFMQMtBcNhTPRYyTKyZxV0=
-----END CERTIFICATE-----
Generated at Thu Jun 11 05:53:08 2026 by rpki-client